VERILOG DESIGN OF BIST ON AES256 PROCESSOR CORE
WITH FPGA IMPLEMENTATION
HEW KEAN YUNG
UNIVERSITI TEKNOLOGI MALAYSIA
VERILOG DESIGN OF BIST ON AES256 PROCESSOR CORE
WITH FPGA IMPLEMENTATION
HEW KEAN YUNG
A project report submitted in partial fulfilment of the
requirements for the award of the degree of
Master of Engineering (Computer & Microelectronic System)
Faculty of Electrical Engineering
Universiti Teknologi Malaysia
OCTOBER 2008
iii
To my beloved father and mother, sister and brother, and friends.
iv
ACKNOWLEDGEMENT
The project entitled “Verilog Design of BIST on AES256 Processor Core
with FPGA Implementation” was completed due to cooperation and assistance of a
number of people. Hence, I would like to take this opportunity to express my
gratitude and appreciation to anyone and everyone who has contributed explicitly or
implicitly towards the success of this project. Acknowledgment is particularly given
to my project supervisor, Professor Dr. Mohamed Khalil bin Hj. Mohd Hani, for
encouragement, guidance, critics, advice and support.
I am indebted to Intel Microelectronics (M) Sdn. Bhd for funding my part-
time Master study. My Intel manager and my fellow postgraduate coursemates
should also deserve special thanks for their encouragement and assistance throughout
the research. Special appreciation to Lai Yit Pin and Vishnu Param for their advice
and previous works done on AES256 processor core as well.
Last but not least, a really big thank you to my parents, who are always by
my side offering me moral support and motivating me the most throughout this
research. Without their encouragement, I would not have gone so far.
v
ABSTRACT
Cryptography is very important to ensure secured data storage and
transmission through encryption technique in this digital world. The most widely
used cryptography algorithm is the Advanced Encryption Standard (AES) published
in 2001. AES algorithm is fast and easy to be implemented, and it aims to protect
data and ensure privacy. Hence, AES hardware cannot afford any encryption failure
which will corrupt the whole system. Built-In-Self-Test (BIST) introduced into the
AES system will increase the system testability and reliability, which in turn will
protect the system from attack and will incur less testing cost. This project aims to
continue previous UTM student’s research on FPGA implementation of AES system
in System-on-Chip (SoC) design. By extending further, a proposed AES hardware
BIST design is incorporated into the AES processor core in Verilog RTL and FGPA
implementation. This will be a valuable asset to UTM for future SoC researches on
AES and BIST design.
vi
ABSTRAK
Kriptografi adalah sangat penting untuk menjaminkan keselamatan
penyimpanan and pertukaran maklumat melalui teknik penyulitan (encryption) dalam
dunia digital ini. Algorithm yang paling luas digunakan ialah Advanced Encryption
Standard (AES) yang diterbitkan pada tahun 2001. Algorithm AES adalah pantas
dan mudah dilaksanakan dan tujuannya adalah untuk melindungi maklumat dan
memastikan privasi maklumat. Dengan ini, perkakasan AES mesti mengelakan
kegagalan penyulitan yang akan meruntuhkan seluruh system. Built-In-Self-Test
(BIST) diperkenalkan dalam sistem AES akan meningkatkan kebolehujian dan
kebolehpercayaan sistem, yang seterusnya mempertahankan sistem daripada
pencerobohan and menyebabkan kurang kos ujian. Maklamat project ini adalah
untuk meneruskan penyelidikan pelajar UTM yang lalu dengan penggunaan FPGA
dalam rekabentuk System-on-Chip (SoC). Project ini juga dilanjutkan lagi dengan
mencadangkan rekabentuk BIST untuk perkakasan AES digabungkan dalam
prosessor AES dengan Verilog RTL dan penggunaan FPGA. Rekabentuk ini akan
menjadikan satu asset yang amat berharga kepada UTM untuk penyelidikan SoC
pada masa depan dalam rekabentuk AES dan BIST.
vii
TABLE OF CONTENTS
CHAPTER TITLE PAGE
DECLARATION ii
DEDICATION iii
ACKNOWLEDGEMENTS iv
ABSTRACT v
ABSTRAK vi
TABLE OF CONTENTS vii
LIST OF TABLES x
LIST OF FIGURES xi
LIST OF ABBREVIATIONS xiv
LIST OF APPENDIX xv
1 INTRODUCTION 1
1.1 Project Background 1
1.2 Project Objectives 3
1.3 Scopes of Work 3
1.4 Project Contributions 4
1.5 Report outline 5
2 BACKROUND AND LITERATURE REVIEW 6
2.1 Advanced Encryption Standard (AES) Overview 6
2.1.1 Advanced Encryption Standard (AES)
Algorithm
7
2.1.2 Overview of SBOX 8
2.2 BIST Overview 11
viii
2.2.1 Generic System BIST Architecture 12
2.2.2 SBOX BIST Architecture 13
2.3 Field-Programmable Gate Array (FPGA) 14
2.3.1 FPGA Architecture 15
2.3.2 NIOS Soft Core 17
2.3.3 Nios Development Board 19
3 DESIGN WORKFLOW, METHODOLOGY AND
DESIGN TOOL
21
3.1 Design Workflow 21
3.2 Verilog HDL 23
3.3 Altera Quartus II 24
3.4 System On Programmable Chip (SOPC)
Builder
25
4 DESIGN OF AES WITH SBOX BIST 28
4.1 Sbox BIST Operation And Design 28
4.2 Sbox BIST Implementation 30
4.3 System Level Modeling 32
4.4 Top Level Core Design 33
4.5 Control Unit 34
4.6 Datapath Unit 43
4.6.1 sboxWord Module 44
4.6.2 sboxWord_selUmux Module 44
4.6.3 sboxWord_selLmux Module 45
4.7 Clock Generation Module 46
4.8 Generic System BIST Idea 46
5 FPGA IMPLEMENTATION 48
5.1 Top Level SoC FPGA design 48
5.2 Nios Embedded System with SOPC Builder 50
5.3 Integration of AES BIST Core 52
5.3.1 Avalon Bus 54
ix
5.3.2 Avalon Interface Module 57
5.3.3 Address Multiplexing in AES Core Module 58
5.4 Configure APEX Device 60
6 SIMULATION AND RESULT ANALYSIS 63
6.1 Reproduce of AES256 Core Design 63
6.2 Sbox BIST Module Simulation 64
6.3 AES BIST Core Simulation 66
6.4 FPGA Implementation Result 70
6.4.1 AES Core FPGA Result 70
6.4.2 AES Core with Sbox BIST FPGA Result 73
6.5 AES BIST Core Performance Analysis 75
7 CONCLUSIONS AND FUTURE WORKS 77
7.1 Conclusions 77
7.2 Recommendations for Future Works 78
REFERENCES 80
Appendix A-B 81-90
x
LIST OF TABLES
TABLE NO. TITLE
PAGE
2.1 Nios CPU Architecture Variants
18
2.2 APEX 20K200E Feature
20
4.1 Mux Select by Control Unit
29
4.2 FSM State Transition of Control Unit
35
4.3 sboxWord_selUmux Operation
45
4.4 sboxWord_selUmux Operation
45
5.1 Avalon Slave Signal
55
5.2 Signals Connection Between Avalon bus and
Interface Module
58
5.3 Address Location of 16 Memory Address
59
5.4 Functions For Each Memory Location
59
5.5 Flash Memory Allocation
60
6.1 Simulation Result for AES BIST Core
69
6.2 Performance Analysis Comparison
76
xi
LIST OF FIGURES
FIGURE NO. TITLE
PAGE
2.1 Mapping of Input Bytes, State Array and Output
Bytes
8
2.2 AES Algorithm (Encryption)
9
2.3 SubByte() and InvSubByte() Transformation
10
2.4 Example of SubByte() Transformation
11
2.5 Generic System BIST Structure
12
2.6 Hardware BIST Architecture of 16-SBoxes
13
2.7 SBOX BIST Architecture
14
2.8 Basic Architecture of FPGA
16
2.9 Architecture of Single Logic Element
16
2.10 (a) 4-LUT Implementation
(b) Truth Table of Function
17
2.11 Nios CPU Diagram
18
2.12 APEX Nios Development Board Components
19
3.1 Design Methodology Workflow
22
3.2 Main GUI of Altera Quartus II 6.0
25
3.3 Block Diagram of NIOS in APEX board
26
3.4
Main GUI of SOPC Builder in Quartus II 27
4.1
Sbox BIST Architecture 29
4.2
Key Generation and Cipher Text operation in
AES Core
31
xii
4.3
Block Diagram of SBox BIST Implementation 32
4.4
System Level Modeling of AES With Sbox BIST
Core
33
4.5
Top Level Core Design 33
4.6
Top Level Block Diagram of Control Unit 34
4.7
Top Level Block Diagram of Datapath Unit 43
4.8
Block Diagram of sboxWord Module 44
4.9
Block Diagram of sboxWord_selUmux Module 44
4.10
Block Diagram of sboxWord_selLmux Module 45
4.11
Block Diagram of clk_33mhzTo8mhz Module 46
4.12 Generation of 8.33Mhz clock
46
4.13 Generic System BIST Block Diagram
47
5.1
Block Diagram of SoC FPGA Design 49
5.2
SOPC builder with Nios System Components 51
5.3
Pin Mapped Connection for Nios Components 51
5.4
Integration of AES BIST Core 52
5.5
Design Exceeded Logic Elements Limitation in
APEX Device
53
5.6
Avalon Bus as Backbone in Nios System 54
5.7
Avalon Slave Read Transfer with Wait Time 56
5.8
Specified Wait Time in SOPC Builder 56
5.9
Avalon Slave Write Transfer with Wait Time 57
5.10
Block Diagram of Avalon Interface 58
5.11
The Nios Development Board Setup and Serial
Port Connection
60
5.12
Delete User Defined Flash Region in Germ
Monitor
61
5.13 Downloading Configuration Data Hex File 61
xiii
5.14
Nios Embeded System with AES BIST Core
Downloaded
61
6.1
Timing Simulation of AES256 core (Encryption) 64
6.2
Timing Simulation of Sbox BIST Module 65
6.3
Timing Simulation of Sbox BIST Module 66
6.4
AES256 Encrytion With Sbox BIST Simulation 68
6.5
AES256 Decrytion With Sbox BIST Simulation 68
6.6
AES128 Encrytion With Sbox BIST Simulation 68
6.7
AES128 Decrytion Wit Sbox BIST Simulation 69
6.8
Part of Sample C Test Program 70
6.9
AES256 Encryption Result 71
6.10
AES256 Decryption Result 72
6.11
AES128 Encryption Result 72
6.12
AES128 Decryption Result 72
6.13
AES256 Encryption Result on Nios Board 73
6.14
AES256 RoundKey Generation 74
6.15
AES128 RoundKey Generation 74
6.16
AES128 RoundKey Result on Nios Board 74
6.17
Logic Element Count Snapshot 75
6.18
Maximum Frequency Snapshot 76
xiv
LIST OF ABBREVIATIONS
AES – Advanced Encryption Standard
AES128 – AES specification in 128-bit architecture
AES256 – AES specification in 256-bit architecture
BIST – Built-In Self Test
SBOX – SubByte Transformation
FPGA – Field Programmable Gate Array
VHDL – Very-High-Speed-Integrated-Circuit Hardware Description
Language
xv
LIST OF APPENDICES
APPENDIX TITLE
PAGE
A VERILOG SOURCE CODE FOR SBOX BIST
DESIGN
81
A.1 Avalon Interface Module (AES256_Avalon.v)
81
A.2 Clock Generation Module (clk_33mhzTo8mhz.v)
82
A.3 Top Level AES Core Module
(AES256_CORE_SBOX.v)
83
A.4 Sbox BIST Module(sboxWord.v)
85
A.5 Upper Mux Sbox Module (sboxWord_selUmux.v)
86
A.6 Lower Mux Sbox Module (sboxWord_selLmux.v)
86
B C PROGRAMMING CODE TEST ORIGRAM
88
CHAPTER 1
INTRODUCTION
This project proposes system level modeling of Built-In-Self-Test (BIST)
capability using Verilog hardware description language on Advanced Encryption
Standard (AES) core. The whole system will be implemented on Field-
Programmable Gate Array (FPGA) in System-on-Chip (SoC) design. The design is
to ensure the reliability and testability of digital data encryption and decryption in
AES core. This chapter covers the project background, project objectives, followed
by scope of work, project contributions and finally the report outline.
1.1 Project Background
In this paperless twenty-first century, almost all data processing or
information processing are in digital formats. Means to guarantee the secrecy of this
information has become very crucial and lot of researches have been made across the
centuries. In other words, in order to protect the data and keep privacy, the
information system should be equipped with cryptography which is the practice and
study of hiding information. Cryptography enables to store sensitive information or
2
transmit it across insecure networks (like the Internet) so that it cannot be read by
anyone except the intended recipient.
In October 2000, the NIST (National Institute of Standards and Technology)
announced the approval of a new secret key cipher standard chosen among 15
candidates. This new standard algorithm was meant to replace the old DES
algorithm, whose key sizes were becoming too small. Rijndael – a compressed name
taken from its inventors Rijmen and Daemen - was chosen to become the future
AES. This cryptography AES standard has been designed in UTM-Crypto256
Processor Core on hardware implementation (FPGA) with key RAM, which can
make not only a forward key scheduling for encryption but also a reversed key
scheduling for decryption. Therefore, this hardware implementation enhances the
physical security as well as higher speed and outside attackers cannot easily attack,
interrupt or modify its operation.
However, with the increasing growth of sub-micron technology has resulted
in the difficulty of testing. Manufacturing processes are extremely complex, making
the manufacturers to consider testability as a requirement to assure the reliability and
the functionality of each of their designed circuits. Also, specific attacks are possible
because the attacker has access to the physical cryptographic device to compromise
secret keys of cryptographic algorithms by using standard statistical tools. As a
result, a good cryptographic device must therefore ensure high reliability and
dependability and, in addition, it must implement some countermeasures to prevent
the possibility of gathering the secret code by mean of any attack.
Built-In-Self-Test (BIST) is one of the most popular test technique used to
ensure the testability of device. With further detailed BIST design down to module
level, although not specifically designed to protect against tampering, this design will
makes more difficult being attacked based on power analysis. However, drawback of
BIST is that it introduced additional implementation hardware overhead, design
cycle time, design resources and degradation.
This project focuses on the design of the embedded BIST architecture on
SBOX hardware inside AES core. AES core is a cryptography core which can make
3
not only a forward key scheduling for encryption but also a reversed key scheduling
for decryption. The BIST design will be implemented using Verilog Hardware
Description Language at the Register Transfer Level (RTL) abreaction level. SBOX
BIST technique is incorporated into the AES core on system level and implemented
on hardware (FPGA) in System-on-Chip (SoC) design.
1.2 Project Objectives
From the discussion from previous section, this report set out two main
objectives for the research:
1. To design Built-in Self Test (BIST) down to AES Sbox level to further
enhance the security of stored information on AES core.
2. To incorporate AES core with generic system Built-In Self Test (BIST)
design on AES encryption processor core.
3. To implement AES core with Built-In Self Test (BIST) capability on Field-
Programmable Gate Array (FPGA) in System-on-Chip (SoC) design.
1.3 Scopes of Work
Based on available hardware and software resources, limited time frame and
expertise, this research project is narrowed down to the following scope of work:
(i) This project is not to design the AES core but to understand the architecture
and implementation of existing UTM-Crypto256 AES Processor Core.
4
(ii) Enhance AES core with system generic BIST capability to increase the
testability.
(iii) Design BIST down to SBOX module level to increase the security of device.
(iv) The design is to be modeled at system level and then translate to RTL
abstraction level (verilog coding).
(v) Logic and functional validation, synthesis and timing simulation for verify
the design correctness will be performed using Altera Quartus 6.1.
(vi) The hardware implementation will be on Altera APEX20KE FPGA, using
EP20K200EFC484-2X device with Nios processor embedded inside.
1.4 Project Contributions
(i) With the implementation of BIST, expensive tester requirements and testing
procedures starting from circuit or logic level to field level testing are minimized.
The reduction of the test cost will lead to the reduction of overall production cost.
(ii) BIST will also increase the security of encrypted information and prevent
being attacked and thus ensure the reliability of AES core.
(iii) UTM will own this embedded BIST on AES core and thus enables future
works on System-On-Chip (SoC) researches such as upgrade the whole system into
Nios II FPGA board.
5
1.5 Report Outline
This report is organized into seven chapters. Chapter 1 basically gives an
overview on the project, objectives, scope of works and project contribution.
Chapter 2 gives the literature review on AES architecture, Sbox BIST and
FPGA architecture aiming to have a greater understanding of the overall idea of this
project. Chapter 3 mainly concentrates on the Design Workflow, Verilog overview,
Altera’s Quartus tool and SOPC builder tool.
Chapter 4 discusses on the design implementation of Sbox BIST in
simulation and end with generic system BIST idea. Chapter 5 focuses on FPGA
implementation which covers from top level design, Avalon bus down to APEX
device configuration.
Chapter 6 mainly discusses simulation results and some performance
analysis. The report will end with the conclusion and future works in Chapter 7.
This report also enclosed with references and the appendix which consists of
the Verilog coding.
REFERENCES
1. Yit Pin, Lai (2007). Verilog Design of 256-bits AES Crypto Processor Core.
Master Thesis. Universiti Teknologi Malaysia; 2007.
2. G. Di Natale, M. L. Flottes, B. Rouzeyre. On-Line Self-Test of AES Hardware
Implementations. France : Université Montpellier II
3. Daemen, J., Rijmen, V. (1999). The Rijndael Block Cipher. Document Version 2
4. Pierre Loidreau (2005). Introduction To Cryptography
5. Svante Seleborg (2007). About AES – Advanced Encryption Standard
6. Dr Mohammad Khalil Hani (2008). Digital Systems – VHDL & Verilog Design
7. Jasmine Hau Yuan Wen. Nios Avalon Bus In Slave Transfer Tutorial
8. Altera (2004). Avalon Interface Specification Reference Manual
9. Altera (2003). Nios Embeded Processor Development Board Datasheet
10. Altera (2002). Excalibur Nios Tutorial
11. Altera (2008). Quartus II Version 8.0 Handbook Volume 4: SOPC Builder
12. Altera. Introduction to the Altera SOPC Builder Using Verilog Design
13. Alam, M., Badawy, W., and Jullien, G. (2002). A Novel Pipelined Threads
14. Architecture for AES Encryption Algoritma. IEEE International Conference on
Application-Specific System, Architectures, and Processors (ASAP’02): IEEE,
1063-6862/02.
15. Brown, S. (2000). Fundamentals of Digital Logic With VHDL Design. New
York: McGraw-Hill.
16. Fenn, S. T. J., Bennaissa,M., and Taylor, D. (1996). Finite Field Inversion Over
the Dual Basis. IEEE.
17. John D.Carpinelli (2000), Computer Systems Organization & Architecture,
Pearson Education
18. N. Kranitis. An Effective Deterministic BIST Scheme for Shifter/Accumulator
Pairs in Datapaths. Greece: Institute of Informatics & Telecommunications
19. National Institute of Standards and Technology (2001). Advanced Encryption
Standard, National Institute of Standards and Technology : Federal Information
Processing Standards Publication 197.
20. Panato, A., Barcelos, M., and Reis, R. (2002). An IP of an Advanced Encryption
21. Standard for AlteraTM Devices. 15 th Symposium on Integrated Circuit and
System Design (SBCCI’02): IEEE, 0-7695-1807-9/02.
22. Paul Kocher, Joshua Ja_e, and Benjamin Jun. Differential Power Analysis.
USA: Cryptography Research, Inc
Top Related